Password Reuse - Control networks double the risk
Control system vendors continue to bury hidden "default" passwords in their system which can fall victim to malware or hackers, making them the perfect backdoor into a company's operations.
Eric Byres
Jason Holcomb at Digital Bond wrote a great article called “Everybody Knows Your Passwords” on the issues of default passwords. In it he talked about how some control system vendors continue to bury hidden “default” passwords in their system. As Stuxnet illustrated, these passwords can fall victim to malware or hackers, making them the perfect backdoor into a company’s operations.
This week, I will add two more issues to this whole password “Hash Up” (sorry for the bad pun) that is a danger to control system security.
Password Re-use
The first is the problem of password reuse in control systems. Password reuse is the habit we all have of using the same password on multiple systems. In the IT world it is causing considerable concern because people use the same password for signing up for a free software download site as they use for accessing their bank account.
http://www.isssource.com/password-reuse-%E2%80%93-control-networks-double-the-risk/
- Related News:
Microgrids looking for right model - 02.01.2011 12:14- Underground security system - 02.01.2011 12:13
- Security zones create 'architecture of fear' - 02.01.2011 12:12
- WIB security standard released - 02.01.2011 12:11
- Slowdown: Users turn off anti-virus software - 02.01.2011 12:10
- HDTVs vulnerable to hack attacks - 02.01.2011 12:09
- Cyber security bill in Senate - 02.01.2011 12:08
- SC utility slow to fix nuclear safety equipment - 02.01.2011 12:07
- Chevron shuts, purges Utah pipline - 02.01.2011 12:06
- BP faces new suit from feds - 02.01.2011 12:05
- BP oil spill blankets Gulf Sea bed - 02.01.2011 12:04
- Hacker Report: More malware in 2011 - 02.01.2011 12:03
- Stuxnet Video: Mitigation strategy outlined - 02.01.2011 12:00